Add all metods in ssl_required

Can you easily add all methods behind the ssl_required instead of having
to add them one by one? Like ssl_required :all

You can define a protected method in your controller, which will make
every action in this controller and all its subclasses only available
through ssl:

   def ssl_required?
     true
   end

izidor

Izidor Jerebic wrote:

You can define a protected method in your controller, which will make
every action in this controller and all its subclasses only available
through ssl:

   def ssl_required?
     true
   end

izidor

Thanks :slight_smile:

I'm concerned this may not be the best way to go.

in my /app/controllers/application.rb file i've added

def ssl_required?
return false if ENV['RAILS_ENV'] == true
end

So that I can still run my application on webrick without https in
development mode.

But, when I want ssl_required to work on all my controllers and utilize
the method below, my ssl_required? method in the application helper
doesn't function as intended. the ssl_required in the individual
controller takes precedence.

it is too bad one can't just add

ssl_required :all

Does anyone know how to solve both problems in the best way possible?

Thank you!

Pål Bergström wrote:

class SecureAreaController < ApplicationController

  protected

    def ssl_required?
      Rails.env.production?
    end

end

class CreditCardController < SecureAreaController

  ...

end

Ryan, If you are using or can use passenger to serve your production
env, then an alternative that would make this a non-issue would be to
use passenger to serve your development env as well. That way you'd
be able to use ssl in dev env just as you would in prod env. Another
benefit would be that you'd also be able to test your prod env setup
(ie subdomain, virtual-host, passenger/web-server, etc) by having a
similar setup for your dev env.

Jeff

I found this fork of ssl_required that solves this problem, but I
haven't tried it yet:

http://github.com/bcurren/ssl_requirement

Ryan Wilson wrote: